What OpenShift Online customers should know about L1TF
August 16, 2018 | by
On Aug. 14, 2018, information was released about another set of “speculative execution” issues with Intel microprocessor hardware known as “L1 Terminal Fault”. As with earlier issues like Spectre and Meltdown, this information was coordinated with the release of updated software solutions to help mitigate the issue.
At the time the embargo was lifted, the OpenShift SRE team worked to begin remediation (detailed below) on all OpenShift Online clusters. All Pro clusters finished remediation shortly before 18h00 EDT August 14, 2018. All Starter clusters were patched as of 23h30 EDT August 14, 2018.
The work done to remediate included applying the new kernel, disabling Hyper-Threading, and adjusting cluster parameters around CPU allocation and overcommit settings. These changes may have an impact on overall cluster performance, so we will closely monitor performance and scale up with additional compute nodes as needed.
OpenShift Dedicated customers have been notified separately regarding the remediation of their clusters.
We recently introduced the Web Terminal Operator on OpenShift in Tech Preview. This operator integrates with the OpenShift console (in OpenShift 4.5.3 and higher) to allow you to open a full terminal ...
When you are using large numbers of containers, a stable of images becomes the basis of your environments, your build processes and everything your developers use day to day. As it is incumbent upon ...